---
- name: ensure the drbackup group exists
  group: name=drbackup state=present

- name: ensure the drbackup user exists
  user: name=drbackup comment="DR Backup User" group=drbackup shell=/bin/bash home=/var/lib/drbackup

- name: Make sure the drbackup homedir exists
  file: dest=/var/lib/drbackup/ state=directory owner=drbackup group=drbackup mode=0700

- name: install the authorized SSH key
  file: dest=/var/lib/drbackup/.ssh/ state=directory owner=drbackup group=drbackup mode=0700

- name: install the backup ssh keys
  copy: src={{private}}/files/backup.pub dest=/var/lib/drbackup/.ssh/authorized_keys owner=drbackup group=drbackup mode=0600

#
# deploy the confine-ssh script
#
- include: "{{tasks}}/confine_ssh.yml"
